﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using SRM.DataObjects;
using System.Data;
using System.Data.SqlClient;

namespace SRM
{
    public partial class ChangePasswordForm : System.Web.UI.Page
    {
        public DataTable Applicant { get; set; }
        public string ApplicantKey { get; set; }

        protected void Page_Load(object sender, EventArgs e)
        {
            this.hdn_UseSAPCode.Value = "1";
            // this.hdn_applicantKey.Value = "550"; // test language
            this.hdn_applicantKey.Value = "765"; // test professional membership
            this.ApplicantKey = "6814";

            Help.Decrypt("asd");

            // 8636
            // 6814
            this.Applicant = SRM_Applicant.GetApplicant(6814);
        }

        protected void Change_Password_Button_Click(object sender, EventArgs e)
        {
            //// Compute MD5 hash for input password
            //string inputMD5 = Help.ComputeMD5(Password_TextBox.Text);

            //// Fetch record in database
            //DataTable dtApplicantAccount = SRM_Applicant.GetApplicantAccount(Email_TextBox.Text.Trim());
            //if ((dtApplicantAccount != null) && (dtApplicantAccount.Rows.Count > 0))
            //{
            //    // Compare MD5
            //    if (inputMD5 == dtApplicantAccount.Rows[0]["Password"].ToString())
            //    {
            //        Session["ApplicantKey"] = dtApplicantAccount.Rows[0]["ApplicantKey"].ToString();
            //        Response.Redirect("ApplicantForm.aspx");
            //    }
            //    else
            //    {
            //        // Display error message
            //        ErrorMessage_Literal.Text = "Invalid credentials.";
            //    }
            //}
            //else
            //{
            //    // Display error message
            //    ErrorMessage_Literal.Text = "Invalid credentials.";
            //}

            //string emailAddress = Email_TextBox.Text.Trim();
            string emailAddress = Session["EmailAddress"].ToString();
            DataTable dtApplicantAccount = SRM_Applicant.GetApplicantAccount(emailAddress);
            if ((dtApplicantAccount != null) && (dtApplicantAccount.Rows.Count > 0))
            {
                if (Help.ComputeMD5(Password_TextBox.Text.Trim()) == dtApplicantAccount.Rows[0]["Password"].ToString())
                {
                    string newPasswordMD5 = Help.ComputeMD5(NewPassword_TextBox.Text.Trim());
                    SRM_Applicant.SetApplicantAccountPassword(emailAddress, newPasswordMD5);
                    ErrorMessage_Literal.Text = "Password set.";
                }
                else
                {
                    ErrorMessage_Literal.Text = "Invalid current password.";
                }

                //// Compare MD5
                //// Generate new password 
                //string newPassword = Help.GenerateNewPassword();
                //string newPasswordMD5 = Help.ComputeMD5(newPassword);

                //// Set new password in account
                //SRM_Applicant.SetApplicantAccountPassword(emailAddress, newPasswordMD5);
            }

            
            
            //NewPassword_TextBox
            //ConfirmPassword_TextBox

            

        }

        public static void SetApplicantAccountPassword(string emailAddress, string passwordMD5)
        {
            using (SqlConnection conn = new SqlConnection(Help.GetConnectionString("SRM")))
            {
                SqlCommand cmd = conn.CreateCommand();

                cmd.CommandText = "UPDATE SRM_Applicant_Tbl SET Password = @NewPassword WHERE   EmailAddress = @EmailAddress;";
                cmd.Parameters.AddWithValue("@EmailAddress", emailAddress);
                cmd.Parameters.AddWithValue("@NewPassword", passwordMD5);

                conn.Open();
                cmd.ExecuteNonQuery();
                conn.Close();
            }
        }
} // public partial class ApplicantForm : System.Web.UI.Page

} // namespace SRM